Location: PHPKode > projects > Fretsweb > fretsweb-1.2/fretsweb/admin/delsong.php
<?php

/*
Fretsweb - A Frets on Fire chart server
Copyright (C) 2009, Daan Sprenkels

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

require_once "common.php";

//Login Test
session_start();
if($_SESSION['in'] < 1)
{
	header('location: login.php?need=moderator');
	die();
}


include_once "log.php";

if (!function_exists("htmlspecialchars_decode")) {
    function htmlspecialchars_decode($string, $quote_style = ENT_COMPAT) {
        return strtr($string, array_flip(get_html_translation_table(HTML_SPECIALCHARS, $quote_style)));
    }
}

// called after a form submission?
if( array_key_exists('_submit_check', $_POST) ) {
	while ( $songhash = current( $_POST ) ) {
		if ( strpos ( key($_POST), "song" ) !== false ){
			if( get_magic_quotes_gpc() ) { $songhash = stripslashes($songhash); }
			$songhash = htmlspecialchars_decode($songhash);
			$sql = "SELECT `artist`, `title` FROM `contest_songs` WHERE `hash`='$songhash'";
			$query = mysql_query($sql);
			$song = mysql_fetch_assoc($query);
			$res1 = mysql_query( "DELETE FROM `contest_songs`  WHERE `hash` = '" . addslashes($songhash) . "'" );
			$res2 = mysql_query( "DELETE FROM `contest_scores` WHERE `hash` = '" . addslashes($songhash) . "'" );
			if( ! ( $res1 && $res2) )
				$info = "Cannot delete song " . htmlspecialchars($songhash);
			else
			{
				$info = "Deleting " . htmlspecialchars($songhash);
				clog("Del song: $songhash");
				cfeed("Song deleted", "The song {$song['title']} from {$song['artist']} has been deleted. All the scores from this song have also been deleted.", 'songchange');
			}
		}
		next( $_POST );
	}
}
?><html>
<head>
<title>Delete songs</title>
<link href="../css.php" rel="stylesheet" type="text/css" />
<link href="../images/favicon.png" rel="icon">
</head>
<body><center>
<h2>Remove song</h2>
<?php

if(isset($info))
	echo "<p class=\"info\">$info</p>";

?>
<!-- The del-song form -->
<p>Songs currently in database:</p>
<form name="delsongform" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
	<?php
		$query = "SELECT * FROM `contest_songs` WHERE `request` = '0' ORDER BY `title`";
		$songs = mysql_query( $query ) or die( "Cannot find songs in database" );
		$songnum = mysql_numrows( $songs );
		echo "<table class=\"regular\"><tr><th>Del</th><th>Artist</th><th>Title</th><th/></tr>";
		for( $i = 0; $i < $songnum; $i++ ) {
			echo "<tr>";
			echo "<td><input type=\"checkbox\" name=\"song" . $i . "\" value=\"" . htmlspecialchars(mysql_result($songs, $i, "hash")) . "\"></td>";
			echo "<td>" . htmlspecialchars(mysql_result($songs, $i, "artist")) . "</td>";
			echo "<td>" . htmlspecialchars(mysql_result($songs, $i, "title" )) . "</td>";
			echo "<td><a href=\"../song.php?hash=" . mysql_result($songs, $i, "hash" ) . "\"><img src=\"../images/information.png\"></a>
<a href=\"editsong.php?hash=" . mysql_result($songs, $i, "hash" ) . "\"><img src=\"../images/pencil_go.png\"></a></td>";
			echo "</tr>";
		}
		echo "</table>";
	?><p>
	<input type="hidden" name="_submit_check" value="1"/> 
	<input type="submit" value="Delete selected songs"></p>
</form>
<p><b><a href="index.php">Back to main administration panel</a></b><p>
</center></body>
</html>

<?php
	// close DB
	mysql_close( $db_link );
?>
Return current item: Fretsweb